Lucene search
K

5422 matches found

NVD
NVD
added yesterday14 views

CVE-2026-56159

Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over a network...

9.8CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-54128

Use after free in Windows DHCP Client allows an unauthorized attacker to execute code locally...

8.4CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-50685

Double free in Windows DHCP Server allows an authorized attacker to execute code over a network...

7.5CVSS
Exploits0References1
NVD
NVD
added yesterday2 views

CVE-2026-50683

Heap-based buffer overflow in Windows DHCP Server allows an authorized attacker to elevate privileges over an adjacent network...

8CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-50370

Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over an adjacent network...

8.8CVSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-54128

CVE-2026-54128 is a Windows DHCP Client use-after-free vulnerability that could allow an unauthenticated local attacker to execute code. The issue, described in the NVD entry and echoed by TALOS, affects the Windows DHCP Client component and is known to have been exploited in the wild (per CIRCL ...

8.4CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added yesterday16 views

CVE-2026-54128 Windows DHCP Client Remote Code Execution Vulnerability

...

8.4CVSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-50683

CVE-2026-50683 is a Windows DHCP Client/Server heap-based buffer overflow that enables an authenticated attacker on an adjacent network to elevate privileges. Public details in the initial entry cite a heap-based overflow and adjacent-access attack path with high impact (C:H, I:H, A:H) and a CVSS...

8CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2026-50685

CVE-2026-50685 is a Windows DHCP Server Remote Code Execution vulnerability caused by a double-free in the DHCP Server component. It is network-exploitable (no user interaction) and rated by Microsoft as an in-scope issue with high impact (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H; CVSS v3.1 base 7.5)....

7.5CVSS6.2AI score
Exploits0References1
CVE
CVE
added yesterday5 views

CVE-2026-50518

CVE-2026-50518 is a heap-based buffer overflow in Windows DHCP Server that allows an unauthenticated attacker to execute code remotely over a network. Public sources (NVD, EUVD, CIRCL, MSRC update guidance) confirm the flaw and its impact as remote code execution; Talos notes exploitation in the ...

9.8CVSS6.3AI score
Exploits0References1
Cvelist
Cvelist
added yesterday17 views

CVE-2026-50518 Windows DHCP Server Remote Code Execution Vulnerability

...

9.8CVSS
Exploits0References1
NVD
NVD
added 3 days ago8 views

CVE-2026-61876

LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing adjacent network attackers to inject HTML markup. Attackers can send a DHCPv6 Client FQDN containing script tags that execute in the administrator's browser when viewing DHCP lease pages...

9.4CVSS0.002EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-61876 LuCI DHCPv6 Lease Hostname Stored Cross-Site Scripting

LuCI versions fail to properly encode DHCPv6 lease hostnames before rendering in status tables, allowing adjacent network attackers to inject HTML markup. Attackers can send a DHCPv6 Client FQDN containing script tags that execute in the administrator's browser when viewing DHCP lease pages...

9.4CVSS0.002EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 1:15 p.m.3 views

SUSE-SU-2026:2721-1 Security update for dracut

This update for dracut fixes the following issue - CVE-2026-6893: Root code execution via DHCP options command injection bsc1268322. Changes for dracut: - Update to version 055+suse.402.g2720eea: fixnetwork-legacy: sanitize DHCP values in dhclient-script.sh bsc1268322, CVE-2026-6893...

7.5CVSS6.2AI score0.01131EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 1:15 p.m.2 views

SUSE-SU-2026:2720-1 Security update for dracut

This update for dracut fixes the following issue - CVE-2026-6893: Root code execution via DHCP options command injection bsc1268322. Changes for dracut: - Update to version 055+suse.365.g79144c5: fixnetwork-legacy: sanitize DHCP values in dhclient-script.sh bsc1268322, CVE-2026-6893...

7.5CVSS6.2AI score0.01131EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 11:16 a.m.11 views

CVE-2026-14258

A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser ...

6.5CVSS0.00248EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 9:32 a.m.2 views

SUSE-SU-2026:22446-1 Security update for dracut

This update for dracut fixes the following issue - CVE-2026-6893: Root code execution via DHCP options command injection bsc1268322. Changes for dracut: - Update to version 059+suse.643.g1f1d880: fixnetwork-legacy: sanitize DHCP values in dhclient-script.sh bsc1268322, CVE-2026-6893...

7.5CVSS6.4AI score0.01131EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 7:42 a.m.2 views

SUSE-SU-2026:22496-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues Update to 2.93: - CVE-2026-12725: heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies bsc1268764. Changes for dnsmasq: CVE-2026-12725, bsc1268764: Heap buffer overflow in logquery when logging unsupported DS/DNSKEY replies...

7.5CVSS6.2AI score0.00754EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.10 views

CVE-2026-56113

A flaw was found in dhcpcd. An unauthenticated attacker on the same network link can exploit this vulnerability by sending a specially crafted DHCPv6 RENEW reply. This can lead to a Denial of Service DoS, causing the dhcpcd daemon to crash due to a heap use-after-free vulnerability...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References5
Debian
Debian
added 2026/06/23 9:22 p.m.7 views

[SECURITY] [DLA 4642-1] u-boot security update

Debian LTS Advisory DLA-4642-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson June 23, 2026 https://wiki.debian.org/LTS Package : u-boot Version : 2021.01+dfsg-5+deb11u3 2023.01+dfsg-2+deb12u3 CVE ID : CVE-2024-42040 CVE-2026-46728 Debian Bug : 1081557 1136954...

8.2CVSS6AI score0.00598EPSS
Exploits1
Rows per page
Query Builder